CVE

Id
81668  
CVE No.
CVE-2015-4391  
Status
Candidate  
Description
Cross-site request forgery (CSRF) vulnerability in the CiviCRM private report module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of users for requests that delete reports via unspecified vectors.  
Phase
Assigned (20150605)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
733392 81668 CVE-2015-4391 MLIST:[oss-security] 20150425 CVE requests for Drupal contributed modules (from SA-CONTRIB-2015-034 to SA-CONTRIB-2015-099)  View
733393 81668 CVE-2015-4391 URL:http://www.openwall.com/lists/oss-security/2015/04/25/6  View
733394 81668 CVE-2015-4391 MISC:https://www.drupal.org/node/2467697  View
733395 81668 CVE-2015-4391 CONFIRM:https://www.drupal.org/node/2467631  View
733396 81668 CVE-2015-4391 CONFIRM:https://www.drupal.org/node/2467635  View
733397 81668 CVE-2015-4391 BID:74351  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
8485 JVNDB-2015-003805 Windows および Mac OS X 上で稼働する Adobe Reader および Acrobat におけるサービス運用妨害 (DoS) の脆弱性 Windows および Mac OS X 上で稼働する Adobe Reader および Acrobat には、サービス運用妨害 (NULL ポインタデリファレンス) 状態にされる脆弱性が存在します。 CVE-2015-4443 81668 5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-003805.html  View